Cloud lessons from the Department of Defense

The US Department of Defense announced a massive tender – to the tune of US$10 billion – for a single cloud vendor to build its enterprise cloud last year. This puts the responsibility for securing weapons systems and classified data into the hands of a private sector player.

This is the future for governments, which more and more are announcing a cloud-first model, explains Daniel Angelucci, Chief Technology Officer for Asia at DXC Technology. From Philippines Cloud-First to Singapore’s CODEX, the whole region is testing out new infrastructure. And, in Angelucci’s eyes, this will make them far more secure than the alternative options.

Cloud will also allow agencies to access and analyse data in ways that “create a whole bunch of new business opportunities,” remarks Angelucci, who will be speaking on this topic at an upcoming govtech workshop by DXC Technology and Amazon Web Services. He outlines how this will look in practice, and why agencies should “chase the data”.

A whole new world

Cloud helps governments to break down the walls between siloed data, allowing them to use the “wide diversity” of data sources that are available, Angelucci explains.

“The data will still continue to exist in different spots but it is all in a common cloud.”

The US Department of Defense will soon be able to access all of their stores of data – from data on procurement, to safety and combat effectiveness – and combine, cross-reference or analyse them in new, interesting ways. “The data will still continue to exist in different spots but it is all in a common cloud,” says Angelucci.

How will this look in practice? Instead of using a data centre to store your data, and requesting or accessing it when needed, “the better strategy is, bring your applications to the data” in what is called a “cloud exchange”, Angelucci explains.

This is where DXC Technology comes in to manage data, systems and services, ensuring that they are all running as they should. This approach does away with any concerns around latency – the speed at which users can access bits of data, Angelucci says. “If you’re after sub-three millisecond latency but you don’t get it, the exchange just doesn’t work,” he says.

The public safety angle

How can this approach help South East Asian governments? Take Singapore as an example, Angelucci says. A cloud exchange could bring together valuable data from other sources outside of government to improve public safety.

To get a complete picture of the security of a compound for instance, public safety agencies may need to tap on CCTV camera footage from neighbouring private properties. “The problem is, it is unlikely that the camera is actually owned by the same organisation, whether it be a government organisation, or a private organisation, as the people who own the ones inside the compound,” Angelucci says.

It can be challenging to bring data from these disparate sources together to produce cohesive, meaningful insights, he continues. One way is to build analytical models to ‘value’ or ‘devalue’ the information from these cameras, and create “degrees of trust” based on whether the cameras are owned by your agency or not. What’s more, there could be concerns around the quality of external video footage, or whether it has been tampered with, which will influence how much the footage should be trusted.

Any conclusions drawn from the analyses of external camera footage will be less certain, Angelucci admits. Nevertheless, it will still be useful to help teams in charge of perimeter security to get a full situational picture, he points out.

Is it secure?

Angelucci notes that governments still cite the security angle as a barrier to cloud adoption. However, cloud vendors have a “vested interest” in ensuring the best possible security – and perhaps are “better” at it than what government is capable of, he notes. These vendors are certainly willing to pay for “absolutely the best security people and processes” available, as their entire business model is based on the security of their services, he points out.

“The security factor is more of a psychological barrier that we need to get over.”

What’s more: “the attack surface of a cloud service is a lot less than if you were to try to track back to private data centres,” he explains. “The security factor is more of a psychological barrier that we need to get over.”

Angelucci will share more in Singapore this Friday 26 April at an exclusive workshop run by DXC Technology and Amazon Web Services. It will provide a closer look at cloud exchanges, and share exclusive insights into the most agile companies in the world. Other speakers at the event include: